Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SA5008: check for missing closing quote #1517

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

SA5008: check for missing closing quote #1517

wants to merge 1 commit into from

Conversation

nanzhong
Copy link

@nanzhong nanzhong commented Apr 8, 2024

This PR attempts to address handling the missing closing quote case for the struct tag parser.

I could be naive here, but changing the current implementation of the scanner from breaking when it's unable to find the closing double quote to returning an error would achieve this. This does the change the behaviour to now ignore partially valid tags (i.e. `xml:"complete" json:"missing` would no longer result in the xml:"complete" being checked), instead it will highlight the missing closing quote violation.

I'm not familiar with the intended testdata organization, so I've proposed a test case for this under the example.com/CheckStructTags.

@arp242
Copy link
Contributor

arp242 commented May 26, 2024

There's a bunch of other cases with quotes that should probably trigger an error; with your patch:

% git diff
diff --git i/staticcheck/sa5008/testdata/src/example.com/CheckStructTags/CheckStructTags.go w/staticcheck/sa5008/testdata/src/example.com/CheckStructTags/CheckStructTags.go
index 37b76813..966a6464 100644
--- i/staticcheck/sa5008/testdata/src/example.com/CheckStructTags/CheckStructTags.go
+++ w/staticcheck/sa5008/testdata/src/example.com/CheckStructTags/CheckStructTags.go
@@ -23,6 +23,14 @@ type T1 struct {
        O int        `json:"some-name,omitzero,omitempty,nocase,inline,unknown,format:'something,with,commas'"`
        P int        `json:"`          //@ diag(`missing closing quote`)
        Q int        `json:"some-name` //@ diag(`missing closing quote`)
+       R int        `json:some-name"`
+
+       AA int `json:"hmm""`
+       BB int `json:"hmm"""`
+       CC int `json:""hmm"`
+       DD int `json:"""hmm"`
+       EE int `json:""hmm""`
+       FF int `json:"""hmm"""`
 }

 type T2 struct {

% go test -count=1 ./staticcheck/sa5008
ok      honnef.co/go/tools/staticcheck/sa5008   0.578s

So no error on a missing starting quote or double quotes.

@nanzhong
Copy link
Author

nanzhong commented Jun 2, 2024

@arp242 you're totally right, however, the reason those are resulting in a pass is because the current implementation of parseStructTag intentionally silently stops parsing malformed struct tags when it encounters a part that does not follow the typical key:"value" format; note that all your test cases either are prefixed by a /json:".*"/ or do not start with a valid sequence.

I suspect the intent here is to be conservative since the language spec doesn't go beyond specifying that struct tags must be a string literal value. I'm not sure how strong @dominikh wants to preserve this behaviour. If not, then I can certainly update the struct tag parsing to fail more loudly, if so, then perhaps I could introduce a separate optional check that's more strict about the format of struct tags?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@nanzhong @arp242